Book Demo

Privacy Policy

Our commitment to take care of your personal data.

1. Introduction

SKG Services Europe Aps, Strandvejen 104B, 4. 2900 Hellerup, Denmark (“SKG Services Europe”, “we”, “us” or “our”) is committed to protecting the confidentiality, integrity, and availability of information about our customers, suppliers and collaborators, including personal data. We are strongly committed to protecting personal data and continuously strive to ensure ongoing compliance with data protection law, including the principals of General Data Protection Regulation art. 5.

As data controller we also have a duty to provide you with information about what personal information we process, why and how we process it, for how long we retain it, as well as how you can contact us about it and exercise your rights.

This privacy policy covers that duty in several sets of circumstances. If your situation is not covered in this policy, such as if you are employed with us, we have separate documents available to you with all necessary information.

2. Contact information

If you wish to contact us regarding our processing of your personal information, you can do so at:

SKG Services Europe Aps

Strandvejen 104 B, 2900, Hellerup

Contact: +45 22 88 00 00 or hello@skg-services.eu

Or reach out to our Data Protection Officer: Lill Larsen – telephone: +45 71 74 99 86, e-mail: dpo@yavica.com

3. Processing of personal information

Personal information are all types of information that can be connected to a person, directly or indirectly. This privacy policy describes how we process such information from the time we collect, store and use it, and until we delete it. We will only process personal information when necessary and for a specific purpose. Any personal information of yours will be processed with confidentiality.

3.1 Data protection

It is our responsibility to protect all personal information in our possession from being accidentally or unlawfully deleted, publicised, lost, corrupted, leaked, or misused. To do that we have taken a number of technical and organisational measures. We also ensure that processing only takes place when we can adhere to all our duties in data protection.

We keep your information up to date

As our services depend on our information about you being accurate, we ask that you keep us informed about relevant changes. You can always make use of the contact details above to let us know about any changes. We will update your information accordingly. If we find out on our own that our information about you is incorrect, e.g. spelling errors in your name or address, we will update it without further ado.

3.2 How did we get your information?

We gather personal information about you in a variety of ways, e.g.:

  • By using cookies on our website.
  • By receiving information from you, by way of questionnaires, contact forms or phone.
  • From your comments and activities on social media, when you follow or like our pages and/or posts on e.g. LinkedIn.
  • We receive your information from a business partner or a public authority.

 

Below, you can see our purposes for processing personal information. For every type of processing, you can also see our legal basis for the processing. The legal basis means we can point to a law, which allows our processing. You will also be able to see our retention periods for the information we process. We have sorted our processing activities into headlines, to make it easier for you to find the information that pertains to your specific situation.

Services/products

When you purchase our banking automation solution(s), we collect and process the following personal information:

  • Contact Information: This includes your name, address, email address, phone number, and other relevant contact details.
  • Payment Information: This includes details necessary to process payments, such as billing information and payment method
  • Booking information: time and place

Our purpose for processing your information is to receive, process, and fill your order.

Our legal basis for processing your information is:

  • Necessity for our fulfilment of a contract with you (GDPR art. 6(1)(b))

We will delete the information is deleted in accordance with the purchase agreement and data processing agreement. 

When we are the data processor

We provide our services to other companies, and in doing so, we become a data processor for them. It is always the data controller that must provide information about purpose and legal basis. Thus, if we process your personal information as data processor for another company, we cannot inform you as to any specifics. You should reach out to the data controller for further information. If you reach out to us, we cannot respond to your request but are instead required to pass it on to the relevant data controller in accordance with the data processing agreement governing our business relationship.

Transmission of personal information

We sometimes have third parties store and process information for us. That makes them a data processor for us. When we take on a data processor, we make sure to have a data processing agreement in place with them. They will only process the information on our behalf and will not be allowed to use the information for their own purposes.

We prioritise suppliers located within the EU or in third countries covered by adequacy decisions from the European Commission, cf. GDPR art. 45.

In some situations, your information will be passed on to other data controllers, such as banks, insurance brokers, debt collectors, distributors, tax authorities.

Unsafe third countries

We make use of some data processors/suppliers in unsafe third countries. When legislation in those countries does not offer the same level of protection as we have here in the EU, we have stricter obligations to protect your personal information.

When we transfer personal information to recipients in fx the USA, we do so based on e.g., The European Commissions standard contractual clauses (GDPR art. 46(2)(c)) or Data Privacy Framework (GDPR art. 45(9)]. If you wish to know more about whether your personal information is transferred and the steps we have taken to protect it, you can reach out to us to learn more. You can also request our documentation for appropriate safeguards.

Customer service, support, & sales

When you reach out to us by mail, phone, website contact form, or ordinary post, we will process the following information about you:

  • Any contact information pertaining to your chosen means of contact (e.g. number you were calling from, return address – email or post) as well as the contents of your inquiry.

Our purpose for processing this information is to respond to your inquiry and to uphold our customer service standards.

Our legal basis for the processing is:

  • Necessity for our fulfilment of a contract with you (GDPR art. 6(1)(b))
  • Necessity for pursuing our legitimate interest in being able to answer your questions as well as further communication to better identify issues or needs that should be addressed (GDPR art 6(1)(f))

We delete your information when it has served its purpose. Whether the purpose has been served is assessed based on the nature of each specific inquiry. We will process your information for as long as we have on-going correspondence with you. Once that correspondence is completed, any issues fixed, and if the contents require no further action, we will delete your information.

When you find us online

Our website

Cookies

A cookie is a small text file, saved to your computer, tablet or phone. A cookie is not a program that can contain viruses or other harmful software.

Some cookies are necessary to make websites work at all. With cookies, a website owner can also build statistics for the use of the website, as well as map how visitors navigate the site. This way, they can continue to improve the site and customize it for specific needs and interests. Many websites use the information gathered to show content customised for the individual user.

When you first visited our website, you were met with a cookie banner, informing you about the cookies we use. Read our cookie policy here. You also had the opportunity to decline all cookies, they are not strictly necessary for the functionality of the website.

Strictly necessary cookies:

If no cookies beyond the strictly necessary ones are active, we will only process the following personal information about you:

  • IP-address, unit-ID and cookie-consent status

 

Our purpose for this processing is:

  • Saving your cookie-choices, so we can respect your rejection of all optional cookies.
  • Managing the necessary content, functionality and security of our website.

 

Our legal basis for this processing is:

  • Our legitimate interest in adhering to your rejection of optional cookies (GDPR art. 6(1)(f))
  • Our legitimate interest in stable and secure management of our website (GDPR art. 6(1)(f))

 

The few types of personal information we process, when only strictly necessary cookies are in play, will be deleted either as your session on our website ends, or when you close your browser (session cookies), or when we have anonymised the information for analysis of security measures on the website.

Optional cookies:

If you consented to the use of one or more types of optional cookies, we also process the following information about you:

  • IP-address, timestamp, page views and sessions, areas, browser ID and language

Our purpose with this processing varies depending on the exact cookies in use. For detailed information about each specific cookie, please see our cookie policy here: Cookie Policy.

Our various purposes for our use of cookies can be summarised as follows:

  • For the optional functional cookies: Our ability to offer you additional functionality on our website that goes beyond the strictly necessary.
  • For the optional statistical/analytical cookies: Our ability to use information about your visit to the website, for aggregating anonymised statistics, for overall use of our website.
  • For marketing cookies: Our ability to exchange information with our business partners about your tracked activities across different websites, so we and our partners can use the information for marketing to your interests.

 

Our legal basis for all of the above is:

  • Your consent given via our cookie banner (GDPR art. 6(1)(a))

 

We will delete the information, when it has served the purpose for which we collected it. This means that the criteria that trigger deletion, are as follows:

  • When your visit on our website ends, or you close your browser (session cookies)
  • When the information has been anonymised for statistics and analyses.
  • When you revoke your consent
  • When the consent you gave expires automatically – this may vary by cookie.

 

You can always read more about cookies in our cookie policy, which can be found here: Cookie Policy, where you can also revisit and adjust your consent options.  

 

3.3 Our Social Media

When you follow, like, or otherwise interact with our company page on social media, we get access to the following information about you:

  • Your name, your likes, and your comments – including the contents of your comments
  • Video recordings
  • Titles
  • Company affiliation
  • Professional experience

Our purpose with this processing is to reach and potentially interact with followers and other interested parties on social media regarding offers, new areas, advertising.

Our legal basis for the processing is:

  • Our legitimate interest in marketing our business/products (GDPR art. 6(1)(f))

 

LinkedIn

We have joint controllership with LinkedIn regarding the information collected about you, when you interact with our company profile. This means that we cooperate with LinkedIn, when it comes to establishing and delegating responsibilities for our compliance regarding the processing of your personal information.

We have an agreement regulating this joint controllership, which you can find here: https://legal.linkedin.com/pages-joint-controller-addendum

If you do not have a personal LinkedIn-profile, LinkedIn collects information about the device you use, when accessing LinkedIn, your location/geodata, and information about your activity on LinkedIn. Any information your cookie settings allow to be tracked as regards your visits to other websites, will also be collected.

If you do have a personal LinkedIn profile, LinkedIn collects the same information as above. In addition to this, LinkedIn also collects any information, you have consented to, through creating your user profile, ie. Your reactions, comments, shares and any other activities on LinkedIn connected to your profile. 

Of all the information gathered by LinkedIn, we only receive that which you give us through direct interactions, e.g.: messages, likes/reactions, or comments. Beyond that, LinkedIn Page Analytics gives us access to anonymised statistics based on the information LinkedIn collects as described previously.  

If you wish to delete the information LinkedIn has about you, you can delete your user profile. If you choose to do that, all of your posts, pictures and information will be deleted. If you have any questions regarding the inner workings of LinkedIn Page Analytics, please contact LinkedIn directly. 

 

YouTube

We have joint controllership with YouTube (Google LLC) regarding the information collected about you, when you interact with our company channels. This means that we cooperate with YouTube, when it comes to establishing and delegating responsibilities for our compliance regarding the processing of your personal information.

We have an agreement regulating this joint controllership, which you can find here: https://business.safety.google/controllerterms/

YouTube uses your data to improve your user experience, e.g., to remind you of what you have watched, and give you relevant recommendations and search results. Your activity and your information may also be used for personalised ads on YouTube and other Google services. For this purpose, YouTube (Google LLC) places cookies on your unit, when you visit YouTube. Each cookie contains a unique identifier, which remains active for a period of two years unless deleted earlier. YouTube (Google LLC) collects your information through these cookies, and they subsequently store and process it. We receive only the aggregated results and statistics from this information. You can read more about Youtube (Google LLC) and their use of cookies here: https://policies.google.com/privacy

We do not pass along any information about you that we receive from Youtube (Google LLC). Youtube (Google LLC) may share your information with third parties.

If you wish to delete the cookies, you can see how via our cookie banner or you can reach out to Youtube (Google LLC).

Youtube (Google LLC) will process information about you, even if you do not have an account with them. Read more about this here: https://support.google.com/youtube/answer/10364219?hl=da

3.4. Pictures of you

We have an interest in portraying ourselves in a positive light, as business partner, place of employment, or otherwise. For this purpose, we publish pictures online, if we find them to be harmless to any persons depicted. We find this interest to be legitimate and to not go beyond any interests nor rights of the persons depicted. (GDPR art. 6(1)(f))

If you are going to appear in marketing materials, promotional videos, or similar things, we will make sure it happens based on your consent (GDPR art. 6(1)(a)) or on a signed modelling contract (GDPR art. 6(1)(b)).

We will always delete pictures that no longer serve their purpose. We will also delete them if our contract for the use of the pictures is voided, or if you revoke your consent for the use of the picture. You can always reach out to us, to object to our using pictures of you.  

 

3.5 Our organisation

Suppliers and business partners

When we enter contracts with suppliers or other business partners, it is necessary for us to collect and store information about their points of contact/account managers. We typically limit such processing to just:

  • Name and e-mail, phone and title/role

Our purpose with this processing is to adhere to our obligations and commitments under our contracts as well as ensure efficient communication.

Our legal basis for this processing is:

  • Our obligations and commitments under our contract (GDPR art. 6(1)(b))

 

Any information collected for this purpose will typically be deleted once a contract is fulfilled, unless we have specific reason to retain them for longer, e.g. a warranty period or to enable complaints.

We are required by law to retain our bookkeeping materials for 5 years from the end of the year they were filed. This may include some personal information, which will then be deleted along with the rest of the bookkeeping materials, once the retention period has passed – unless we have other reasons for keeping them, such as warranties or complaints.

 

3.6 Recruitment

If you apply for a position with us, we will process all the information included with your application, CV, and any other attached documents. We may choose to reach out to any references you have included with your application. Any information about you collected from those references will be processed with your application. Please note: We do not need you to include your national identification number  or CPR-number  with your application.

Our purpose with collecting information about you in the recruitment process is to assess, whether you are the right candidate for a position with us.

Our legal basis for this processing is:

  • Our legitimate interest in assessing your qualifications and skills pertaining to the position we are seeking to fill (GDPR art. 6(1)(f)).
  • If we obtain references from one or more of your previous employers or colleagues, we will record the information we have received. This is done based on a legitimate interest in verifying that you are the right candidate for the position (GDPR art. 6(1)(f))

 

If, during the recruitment process, we collect and process your national identification number or any information about criminal convictions and offences, we do so in accordance with the following:

  • If you are applying for a position, for which we require to see your diplomas or other papers and documentation, and if your national identification number / CPR-number appears in that documentation, we process it for the purpose of verifying the authenticity of your documents in order to establish, exercise, or defend against legal claims. The legal basis for this is (Danish Data Protection Act § 11, subsection 2, no. 4, cf. § 7, subsection 1 cf. GDPR art. 9(2)(f)).
  • If we find it relevant for the position, you are applying for, we will require your certificate of criminal record/ “straffeattest”. We do this for the purpose of ensuring your suitability for the position, and our legal basis is your consent (Danish Data Protection Act § 8, subsection 3)

 

If you include sensitive personal information with your application, we will process it based on the following legal basis:

  • Our legitimate interest in assessing your potential future with us, and a necessity for assessing and establishing any legal claims related to the recruitment process. (GDPR 6(1) (f & c) and (GDRP art. 9(2)(f)).

 

We will keep your application with addendums for up to 6 months beyond recruitment being finalized. After that point, your information will be deleted. Our purpose for this retention is to protect ourselves against any legal claims resulting from the recruitment process. For As to the legal basis for this processing, please see the section above.

If we find your profile to be of interest, albeit not for any currently open position, we may wish to keep your application with addendums for potential future positions openings. If this is the case, we will reach out to you, to get your consent for this continued retention. (GDPR art. 6(1)(a))

If you send us an unsolicited application, we will keep it for a maximum of 3 months, after which we will delete it.

According to data protection legislation, you have the right to be informed, whether giving us your personal information is a requirement by law, or a necessity for entering into a contract with us. You also have the right to be informed of any consequences of not giving us the information we ask of you. 

Please note that according to the Danish Health Information Act, before an employee takes up a new position, they are required to divulge, whether they know they have a condition or symptoms of a condition that will have significant impact in their ability to carry out the tasks associated with the job. This means you must let us know of such conditions or symptoms, either when asked or by your own initiative, and if you do not, it may mean you cannot remain in the position.

Additionally, if we decided to offer you employment, we are required under the Danish Employment Contracts Act to ensure a fully compliant employment contract is signed between us. This requires your name and address. If you do not wish to give us the information needed for a legally compliant contract, we cannot sign you on for any position.

 

4. Your rights

By reaching out to us you can exercise your data subject rights. This means you can make a data subject request to:

  • gain access to any personal information we have about you
  • rectify any erroneous personal information about you
  • request deletion of your personal information
  • have the processing of your personal information restricted to only storage
  • receive a copy of your personal information for the purpose of moving it to another data controller (data portability)
  • object to our processing of your personal information. Please note: whether or not we can accommodate your objection depends on an assessment of e.g. legitimate interest (GDPR art. 6(1)(f)). You will receive an explanation of that assessment and its results.

 

Some processing activities are based on your consent (GDPR art. 6(1)(a)). If you give your consent for us to process your personal information, it must be freely given. It will have no negative consequences for you, if you do not give your consent, if you only consent to specific parts of the processing, or if you withdraw your previously given consent. Withdrawal of consent can happen at any given time by reaching out to the contacts above. If you choose to withdraw your consent, it will have no bearing on the lawfulness of our processing of your information in the period from when your consent was given and until you withdrew it. 

If your personal information must be processed for purposes other than HR/management, we will notify you of this before we begin the processing.

When you reach out to us with a request to exercise your above-mentioned rights, we will get back to you within one month. If we cannot accommodate your request, we will let you know the reason why.

If you are not satisfied with our handling of your personal information or your data subject request, you have the right to lodge a complaint with the supervisory authority:

The Danish Data Protection Agency, Datatilsynet – You can do this at www.datatilsynet.dk/borger/klage